Home

CVE-2016-3500

Description

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
11.609

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Java SE Development Kit 1.8.0Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 7 7.15Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 7 (x64) 7.15Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) 8.17Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) (x64) 8.17Windows
Multiple vulnerabilities are affected in Java SE Development Kit 8.0.920Windows
Multiple vulnerabilities are affected in Java SE Development Kit (x64) 8.0.920Windows
Multiple vulnerabilities are affected in Java Runtime Environment 1.8 8.0.920Windows
Multiple vulnerabilities are affected in Java Runtime Environment 1.8 (x64) 8.0.920Windows
Multiple vulnerabilities are affected in Java SE Development Kit 7 (x64) 7.0.1010Windows
Multiple vulnerabilities are affected in Java SE Development Kit 7 (x86) 7.0.1010Windows
Open Source Java implementation (USN-3043-1) openjdk-8-jdk_8u91-b14-3ubuntu1~16.04.1_i386.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jdk_8u91-b14-3ubuntu1~16.04.1_amd64.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre_8u91-b14-3ubuntu1~16.04.1_i386.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre_8u91-b14-3ubuntu1~16.04.1_amd64.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre-zero_8u91-b14-3ubuntu1~16.04.1_i386.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre-zero_8u91-b14-3ubuntu1~16.04.1_amd64.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre-jamvm_8u91-b14-3ubuntu1~16.04.1_i386.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre-jamvm_8u91-b14-3ubuntu1~16.04.1_amd64.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre-headless_8u91-b14-3ubuntu1~16.04.1_i386.debLinux
Open Source Java implementation (USN-3043-1) openjdk-8-jre-headless_8u91-b14-3ubuntu1~16.04.1_amd64.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre_7u111-2.6.7-0ubuntu0.14.04.3_i386.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre_7u111-2.6.7-0ubuntu0.14.04.3_amd64.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-lib_7u111-2.6.7-0ubuntu0.14.04.3_all.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-zero_7u111-2.6.7-0ubuntu0.14.04.3_i386.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-zero_7u111-2.6.7-0ubuntu0.14.04.3_amd64.debLinux
Open Source Java implementation (USN-3062-1) icedtea-7-jre-jamvm_7u111-2.6.7-0ubuntu0.14.04.3_i386.debLinux
Open Source Java implementation (USN-3062-1) icedtea-7-jre-jamvm_7u111-2.6.7-0ubuntu0.14.04.3_amd64.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-headless_7u111-2.6.7-0ubuntu0.14.04.3_i386.debLinux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-headless_7u111-2.6.7-0ubuntu0.14.04.3_amd64.debLinux
CVE-2016-3500NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-333702Java SE Development Kit 8 Update 391 (32-bit) (8.0.3910.13) (JDK) (Manual Upload Required)
PATCH-344728Azul Zulu JDK 8 (MSI) (8.84.0.15)
PATCH-344692Azul Zulu JDK 8 (MSI) (x64) (8.84.0.15)
PATCH-349783Java SE Development Kit (8.0.4610.11) (Manual Upload Required)
PATCH-349784Java SE Development Kit (x64) (8.0.4610.11) (Manual Upload Required)
PATCH-349781Java Runtime Environment 1.8 (8.0.4610.11) (Manual Upload Required)
PATCH-349782Java Runtime Environment 1.8 (x64) (8.0.4610.11) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234